picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

unit: enable DynamicUser= for journal-upload

This commit is contained in:
Yu Watanabe 2017-10-06 16:06:21 +09:00
parent 48d3e88c18
commit 941afc4b90
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
units/systemd-journal-upload.service.in
View File

@ -14,11 +14,10 @@ After=network-online.target
[Service] [Service]
ExecStart=@rootlibexecdir@/systemd-journal-upload --save-state ExecStart=@rootlibexecdir@/systemd-journal-upload --save-state
User=systemd-journal-upload User=systemd-journal-upload
DynamicUser=yes
SupplementaryGroups=systemd-journal SupplementaryGroups=systemd-journal
WatchdogSec=3min WatchdogSec=3min
PrivateTmp=yes
PrivateDevices=yes PrivateDevices=yes
ProtectSystem=strict
ProtectHome=yes ProtectHome=yes
ProtectControlGroups=yes ProtectControlGroups=yes
ProtectKernelTunables=yes ProtectKernelTunables=yes